From 3903ca92e92288e026d5923ab9a7c4d65d2e2d4a Mon Sep 17 00:00:00 2001
From: Pierre Riteau <pierre@stackhpc.com>
Date: Thu, 11 Aug 2022 12:42:57 +0200
Subject: [PATCH] Add support for specifying SNAT source and destination
 filters

This is useful if forwarded packets need to exit on a different
interface depending on the source or destination IP address or port.

Change-Id: Ifbfbade4baaa1901b08549e52acc725e45379a16
---
 ansible/roles/snat/tasks/main.yml                           | 5 +++++
 releasenotes/notes/snat-rules-dst-src-14ce6ca6bec26086.yaml | 6 ++++++
 2 files changed, 11 insertions(+)
 create mode 100644 releasenotes/notes/snat-rules-dst-src-14ce6ca6bec26086.yaml

diff --git a/ansible/roles/snat/tasks/main.yml b/ansible/roles/snat/tasks/main.yml
index 6fc64aa5..2909ece4 100644
--- a/ansible/roles/snat/tasks/main.yml
+++ b/ansible/roles/snat/tasks/main.yml
@@ -15,5 +15,10 @@
     out_interface: "{{ item.interface }}"
     jump: SNAT
     to_source: "{{ item.source_ip }}"
+    destination: "{{ item.destination | default(omit) }}"
+    destination_port: "{{ item.destination_port | default(omit) }}"
+    destination_ports: "{{ item.destination_ports | default(omit) }}"
+    source: "{{ item.source | default(omit) }}"
+    source_port: "{{ item.source_port | default(omit) }}"
   with_items: "{{ snat_rules }}"
   become: True
diff --git a/releasenotes/notes/snat-rules-dst-src-14ce6ca6bec26086.yaml b/releasenotes/notes/snat-rules-dst-src-14ce6ca6bec26086.yaml
new file mode 100644
index 00000000..6c71ac08
--- /dev/null
+++ b/releasenotes/notes/snat-rules-dst-src-14ce6ca6bec26086.yaml
@@ -0,0 +1,6 @@
+---
+features:
+  - |
+    Adds support for specifying SNAT source and destination filters. This is
+    useful if forwarded packets need to exit on a different interface depending
+    on the source or destination IP address or port.
-- 
GitLab